tracking down source/cause of garbage packets
Date: 9 Oct 2003 12:40:11 -0700
Our network has been having difficulties; and using iris (a windows
tool) we are seeing tons of packets that:
a) don't have a valid mac address
b) don't have valid IP addresses on either the sending or receiving
c) that have frames of either '---' (not valid) or 802.3
d) that have either the 'spanning tree' or 'SNAP' or '---' protocol
ie, they are basically dummies that are clogging our network. Any clue
might be causing this? Can a program (virus, etc) spoof mac addresses
well as IP? How would people go about tracking them down?
- Re: tracking down source/cause of garbage packets
... >tool) we are seeing tons of packets that: ... >a) don't have a valid mac address ... they are basically dummies that are clogging our network. ...
- Re: [opensuse] SuseFirewall IPv4 vs IPv6
... # network security threats. ... # Opening ports for LAN services in the external zone defeats the ... # this setting only works for packets destined for the local machine. ... # If the protocol is icmp then port is interpreted as icmp type ...
- Re: Ethernet issue: works one way but not another
... packets transmitted, 5 packets received, 0% packet loss ... (This is when connected directly to internet through ... FBSD, I have been working with BSDI at the isp I work for for the last ... As for my network topology, I have an internal network that goes ...
- Re: Update: UDP 770 Potential Worm
... > the network immediately after the 'attack', ... were no packets indicating some form of replication. ... I noticed that the UDP ... > of the UDP datagrams is the IP address of the proxy? ...
- Re: IDSIPS that can handle one Gig
... especially with 64-byte UDP packets. ... There are plenty of network IPS's ... IDS/IPS devices through use of fragments. ... Find out quickly and easily by testing it with real-world attacks from ...